[ Including a CC to Robie from the previous bug #763589... ]
Hey guys,
Right.
And in #763589 we have:
>I've observed a system with a correctly working fake-hwclock
>(originally initalised by NTP) set its time back to shortly after the
>epoch, including in /etc/fake-hwclock.data.
>
>I believe this happened because "fake-hwclock save" was called after
>boot before "fake-hwclock load" was called.
>
>I think this happens in the case of a very early shutdown event that
>calls "/etc/init.d/rc 0" before "/etc/init.d/rcS" has completed.
>
>In my case, I have a Raspberry Pi rigged with an external shutdown
>signal hooked up via udev. If the signal is "high" at boot time, then
>the Pi shuts down without fully booting up.
>
>I'm not entirely sure that this is the cause, but the race is there.
We have two conflicting requirements here, I think. Thanks for
explaining your logic, both of you.
The problem is that I don't think there's a good solution to both
problems here. We can't *know* that the system time has been read from
fake-hwclock.data before calling "save". I briefly considered adding a
"I've seen this" flag that could be set in "load", but that's no
guarantee at all - if we power down unexpectedly then it'll be set
already at next boot.
What we *can* do is instead add an extra declaration of system time
based on the build/release date of the particular version of the
fake-hwclock package in use, and refuse to back to a date before
*that* unless --force is used. How does that sound?
Or can you think of any other possible fixes here?
[ I've also just realised that I'll need to go back and re-add
initramfs support now that we automatically attempt to mount and
fsck /usr in the initramfs. Joy \o/ ]
--
Steve McIntyre, Cambridge, UK.
st...@einval.com
"I suspect most samba developers are already technically insane... Of
course, since many of them are Australians, you can't tell." -- Linus Torvalds